Threats to databases can result in the loss or degradation of the commonly accepted security goals such as integrity, availability and confidentiality.
So threats to database can be categorised as:
- Loss of Integrity.
Integrity is lost if unauthorised changes are made to the data by either intentional or accidental acts and this leads to inaccuracy, fraud or erroneous decisions.
- Loss of Availability
Its mean data is not available when needed.
- Loss of Confidentiality
Unauthorized, unanticipated or unintentional disclosure result in loss of public confidence, embarrassment, or legal action against organizations.
To protect database from these types of threats, it is common to implement four kinds of control measures
- Access Control
- Inference Control
- Flow Control
- Data Encryption